Tarcsys Corporation | Assessments
15707
page-template,page-template-full_width,page-template-full_width-php,page,page-id-15707,,qode-title-hidden,qode-theme-ver-9.1.2,wpb-js-composer js-comp-ver-4.11.2.1,vc_responsive

ASSESSMENTS

The repercussions organizations face for not securing their enterprise can be catastrophic: fines, lawsuits, loss of critical data, significant reputation damage. While many organizations recognize that the risks are real, they are unsure about the effectiveness of their current security programs and how to identify vulnerabilities.

 

Finding and fixing vulnerabilities is certainly a goal of any security assessment. Tarcsys’ security assessment services can help clients improve their defense against potential data compromise including: Personally Identifiable information (PII) and Intellectual Property (designs, source code, accounting/marketing strategy, etc).

Our security assessment services are broken down into two main groups: Audits & Review and Testing.

Audits and Review

This first category of assessments involves researching and reviewing your current security posture and providing detailed analysis and recommendations on how to mitigate found vulnerabilities. Our audits cover a wide range of IT security areas including:

Firewall Audit

Wireless Security

VPN Audit

Network Vulnerability

PCI

HIPAA

SANS 20

ISO 27002

Testing

The previous set of assessments are defensive in nature. Security assessments need to be offensive as well. Offensive assessments involve actual attempts to compromise security. The assessments Tarcsys provides are:

 

  • Social Engineering – Social engineering involve human interaction(s) in an attempt to gain unauthorized access to organization assets or information. In order to accomplish this, Tarcsys testers would engage with an organization staff in a variety of ways to solicit information. Examples of this include phishing emails, pre-texting, and baiting.

 

  • Penetration Testing – Selected staff will attempt to penetrate the security defense of an organization, in attempt to verify security controls are in place and functioning properly.

 

  • Web Application Testing – Similar to penetration testing, this focuses on web applications and web servers specifically. Due to the fact that web server are public facing and have exposure to the Internet, it is vital to ensure that web applications on them are secure from vulnerabilities and exploits